Doctors Tell All—and It’s Bad

Meghan O’Rourke in The Atlantic: Doctors Tell All—and It’s Bad.

Having watched my father in his last days, most of which were spent in the hospital, everything she says is true. Being in a hospital, even a smaller one like my dad was, is a terrible experience for all involved. The routines and lack of connection with reality can cause serious mental disturbances, especially in the elderly. Sleep is difficult at best, the food unpalatable and most of the staff, from doctors down to the maintenance folks, are overworked and seem distracted. It’s a truly awful environment.

It’s not all bad. My dad had been going to a podiatrist for months complaining of a painful toe. The podiatrist (I’ll refrain from calling them a doctor) misdiagnosed and mistreated it. Finally, they sent him to a rheumatologist who basically took one look and sent him to the emergency room. If not for that, he would have died sooner.

But he still spent months needlessly in pain. He wasn’t the type to complain so I didn’t think much of it until he finally admitted to me one day that he had trouble sleeping because of it. But by then it was too late, though we didn’t know that at first. That trip to the ER ended up being months of time in the hospital interspersed with time in a rehab facility before he finally passed. He never made it back home, even for a visit. But even in the hospital, getting pain medication for him required far more work than it should have. Since the doctor only stopped by for a short period each day (if at all), asking the nurse for something more than Tylenol required them to have to page the doctor so that he could prescribe something stronger. This would then allow the nurse to unlock the pain medication cabinet for a pill. And if he needed another one later, we would have to go through the same process again.

I don’t place all the blame on the doctors and staff. They were working within the system as it exists today. Most of them were kind and caring and did the best they could under the constraints they must deal with. But something fundamental has to change. After what I’ve seen, I hope I die of a massive heart attack or get hit by a bus, literally anything that will keep me out of a hospital or nursing home. It shouldn’t be this way.


Does Everything Happen for a Reason?

Does Everything Happen for a Reason?

I find this to be an interesting question. I have spent the last decade and a half asking the same thing. I haven’t found an answer. Where you are now is the result of countless little decisions and events. Would you be in the same exact place if even one of them was even slightly different?

POODLE? What the heck is POODLE?

Thought I’d take a few moments and talk about the latest Internet-wide vulnerability called, of all things, POODLE.

But first a little background. Back when the Internet was first created, there was no security. None. Everyone trusted everyone else and the idea that they’d need to keep things secure wasn’t an issue. That worked fine when it was just a couple of universities and a few defense contractors. But the Internet grew and the users connected to it became diverse. And my “diverse” I mean filled with both good and bad guys.

Perhaps you’d expect the folks who created the Internet would go back to the drawing board and redesign things with security built in, but that’s not how those guys think. The Internet was designed to be as simple as possible. If you needed something more than just the ability to move bits from one place to another, you had to create a layer on top of the existing network that did what you needed. That’s why there are things like HTTP (the basis of the World Wide Web), it handles all the special things you need to display web pages that aren’t already there.

The software that the Internet runs on is called TCP/IP. It stands for Transmission Control Protocol/Internet Protocol. TCP handles things like making sure the bits you send somewhere actually get there and in the right order while IP helps tie together different smaller networks so they all seem like one big network. TCP/IP doesn’t care if your bits are from a web page or an email or an MP3 file, it just makes sure it gets to where it’s supposed to go.

That’s why if you want to do cool things like the WWW or email, you have to add software to do it that works with TCP/IP. That’s why if you want to send those bits in a way that no one but your intended recipient can read, you need to add a security layer to TCP/IP. The first attempt to do that is called Secure Sockets Layer or SSL.

SSL uses encryption to achieve that security. And that’s what’s wrong with it and why POODLE is in the news. SSL has gone through three revisions. Version 1 was never really used, version 2 was for a while but it was quickly replaced by version 3. Version 3 hung in there for years but you have to understand that it was designed in the 1990s. The encryption it uses is easily broken. That makes it unsafe to use and it was replaced by Transport Layer Security, or TLS.

TLS has much better encryption, although it’s had to go through multiple versions as well to keep up. Pretty much every computer and operating system supports TLS so you’d think the problem would be gone. Well, you’d think that but unfortunately, many systems still support SSL version 3 as a backup in case something happens with TLS. So instead of getting an error about not being able to securely connect, your computer quietly drops into what is an effectively insecure connection without telling you. So you think you’re secure, but you’re not.

What’s worse, a bad guy can listen in to connections being made and interfere in such a way to force this drop into SSLv3 and read your communications (sometimes called a Man-in-the-Middle attack). All of this is possible because most computers and servers still support SSLv3 “just in case”. Sure it’s broken and not secure but hey, you never know.

POODLE, which stands for Padding Oracle On Downgraded Legacy Encryption, is the official name for that attack. It’s been around for a very long time and really knowing if anyone’s used it or not is difficult. Security folks take the easy route and assume it has. Still, it’s possible to defend against it for the most part.

The majority of network traffic is probably the result of your web browser. Luckily, browsers like Firefox and Internet Explorer can have SSLv3 shut off entirely right now. Both browsers will have new versions with SSLv3 removed eventually so you should look for those updates. Chrome does not allow you to turn SSLv3 off from its settings menu so it will require a new version.

Since so many servers still support SSLv3, they will have to be updated as well. Google is proposing a change for servers to implement but it remains to be seen if everyone is going to use that or adopt something else. The good news is you don’t have to wait as long as you can turn SSLv3 off in your computer/smartphone/tablet etc.

Here are some info links on turning off SSLv3 in various web browsers:

Internet Explorer – Note: Only for version 7 and higher. Version 6 does not support TLS and you shouldn’t be using it.
Chrome – Note: More complicated than the other two.

I should note there’s small probability that if you turn off SSLv3 you might see some connection issues with certain web sites. It won’t be the Googles or Facebooks but more likely smaller sites that haven’t kept up with the times. It’s up to you to decide if viewing them is important enough to turn SSLv3 back on. If you do that, don’t do it while connected to public WiFi. The likelihood of a bad guy who’s looking to take advantage of POODLE also being connected to that access point is quite high.

If you want a nice “ones and zeroes” description of the vulnerability How POODLE Happened is pretty good.

Why smartphone photos of moving objects look so weird

You’ve probably seen smartphone photos of something like a moving propeller where the blades seem to be everywhere but where they should be. That effect is the result of how the image on your phone’s image sensor is scanned when you actually press the shutter button. Jason Cole explains rolling shutters and how they cause those images.

Glen Campbell’s farewell song to his wife

As I mentioned a while back, guitarist and singer Glen Campbell has early-onset Alzheimer’s. He continued to perform, embarking on a farewell tour, until he could no longer do so. He even managed to record some new material for his final album, Ghost on the Canvas, with the help of family and friends.

It was recently announced that he has entered a long-term Alzheimer’s care facility where he will spend the rest of his days. For his final recording he wrote I’m Not Going To Miss You, a farewell to his wife.

I’m still here, but yet I’m gone
I don’t play guitar or sing my songs
They never defined who I am
The man that loves you ’til the end
You’re the last person I will love
You’re the last face I will recall
And best of all, I’m not gonna to miss you.

You may not want to view this at work.

The history of Lucy’s pulling the football away from Charlie Brown in Peanuts

One of the longest running plot lines in Peanuts was Lucy’s pulling the football away from Charlie Brown as he went to kick it.

It’s no spoiler to tell you that he never does but what I was not aware of was how long this particular plot line went on and how it came about. I didn’t start reading the comics on my own to close to ten years after the first strip of Lucy and Charlie Brown so I assumed it was just a joke that Schulz introduced randomly. It wasn’t, and the history is a good reminder of how dark Peanuts could be.